iptables fubared?

Tim ignored_mailbox at yahoo.com.au
Fri Oct 5 08:37:28 UTC 2012


On Thu, 2012-10-04 at 12:45 -0700, Mark Space wrote:
> I'm not sure where I could have fubared this. I did try to redirect
> the ports from 80 to 8080, perhaps that was done incorrectly?

You've tested that you can browse to localhost on port 80, but have you
also tested that the web server is listening to port 8080, by browsing to
that port on the same machine (or over ssh)?

Why are you redirecting, though?  If there's a block on port 80, then
your attempt to get in on port 80 and redirect to port 8080 isn't going
to work.  Which way are you *trying* to redirect?

Last time I played with redirection (long ago), I did it to the input
and/or NAT rules, not the output rules.  Redirecting incoming
connections on a port that would be allowed, to the port that was
listening.


  ## Redirect webserver visitors past my ISP's firewalling (blocking port 80):
  ## incoming port 8000 connections sent to the port 80 listening server
  
  iptables --table nat --append PREROUTING --protocol tcp --dport 8000 --jump REDIRECT --to-port 80


But, it can be easier to just have the server listen to the port that's
not blocked, and not do any redirection.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.
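
Added example, not part of the original message: a small audit of REDIRECT rules in iptables-save style text, covering the two points raised above (which chain the redirect sits in, and which port has to be allowed). A PREROUTING redirect rewrites the destination port before the filter INPUT chain sees the packet, so INPUT must accept the listening port, while a redirect in the nat OUTPUT chain only affects connections made from the machine itself. The function names and the sample ruleset are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): audit REDIRECT rules in
# iptables-save style text. Simplification: rule order and matches other
# than --dport are ignored.

check_redirects() {   # stdin: iptables-save text; stdout: one line per REDIRECT
  awk '
    /^\*/ { table = substr($1, 2); next }            # "*nat" / "*filter"
    table == "filter" && $1 == ":INPUT" { policy = $2 }
    $1 == "-A" {
      chain = $2; dport = ""; to = ""; target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "--dport")    dport  = $(i + 1)
        if ($i == "--to-ports") to     = $(i + 1)
        if ($i == "-j")         target = $(i + 1)
      }
      if (table == "nat" && target == "REDIRECT") {
        n++; rchain[n] = chain; rmap[n] = dport "->" to; rto[n] = to
      }
      if (table == "filter" && chain == "INPUT" && target == "ACCEPT" && dport != "")
        allowed[dport] = 1
    }
    END {
      for (k = 1; k <= n; k++) {
        if (rchain[k] != "PREROUTING")       # nat OUTPUT: locally generated only
          print rchain[k], rmap[k], "local-only", "n/a"
        else if (policy == "ACCEPT" || (rto[k] in allowed))
          print rchain[k], rmap[k], "incoming", "ok"
        else                                 # INPUT never accepts the rewritten port
          print rchain[k], rmap[k], "incoming", "blocked-by-INPUT"
      }
    }'
}

sample_dump() {       # constructed sample ruleset, not taken from the thread
  cat <<'EOF'
*nat
-A PREROUTING -p tcp -m tcp --dport 8000 -j REDIRECT --to-ports 80
-A OUTPUT -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8000 -j ACCEPT
COMMIT
EOF
}

sample_dump | check_redirects
```

On a live system the same function can be fed the output of iptables-save (run as root) instead of the sample.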
